Exam overview
This exam tests your knowledge and skills related to implementing core enterprise network technologies, including:
- Dual stack (IPv4 and IPv6) architecture
- Virtualization
- Infrastructure
- Network assurance
- Security
- Automation
Curriculum
- 4 Sections
- 82 Lessons
- 10 Weeks
Expand all sectionsCollapse all sections
- 1.0 Architecture20
- 1.01.1 Explain the different design principles used in an enterprise network
- 1.11.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
- 1.21.1.b High availability techniques such as redundancy, FHRP, and SSO
- 1.31.2 Analyze design principles of a WLAN deployment
- 1.41.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
- 1.51.2.b Location services in a WLAN design
- 1.61.3 Differentiate between on-premises and cloud infrastructure deployments
- 1.71.4 Explain the working principles of the Cisco SD-WAN solution
- 1.81.4.a SD-WAN control and data planes elements
- 1.91.4.b Traditional WAN and SD-WAN solutions
- 1.101.5 Explain the working principles of the Cisco SD-Access solution
- 1.111.5.a SD-Access control and data planes elements
- 1.121.5.b Traditional campus interoperating with SD-Access
- 1.131.6 Describe concepts of wired and wireless QoS
- 1.141.6.a QoS components
- 1.151.6.b QoS policy
- 1.161.7 Differentiate hardware and software switching mechanisms
- 1.171.7.a Process and CEF
- 1.181.7.b MAC address table and TCAM
- 1.191.7.c FIB vs. RIB
- 2.0 Virtualization10
- 2.02.1 Describe device virtualization technologies
- 2.12.1.a Hypervisor type 1 and 2
- 2.22.1.b Virtual machine
- 2.32.1.c Virtual switching
- 2.42.2 Configure and verify data path virtualization technologies
- 2.52.2.a VRF
- 2.62.2.b GRE and IPsec tunneling
- 2.72.3 Describe network virtualization concepts
- 2.82.3.a LISP
- 2.92.3.b VXLAN
- 3.0 Infrastructure45
- 3.03.1 Layer 2
- 3.13.1.a Troubleshoot static and dynamic 802.1q trunking protocols
- 3.23.1.b Troubleshoot static and dynamic EtherChannels
- 3.33.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)
- 3.43.2 Layer 3
- 3.53.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. link state, load balancing, path selection, path operations, metrics)
- 3.63.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
- 3.73.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
- 3.83.3 Wireless
- 3.93.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
- 3.103.3.b Describe AP modes and antenna types
- 3.113.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process)
- 3.123.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming
- 3.133.3.e Troubleshoot WLAN configuration and wireless client connectivity issues
- 3.143.4 IP Services
- 3.153.4.a Describe Network Time Protocol (NTP)
- 3.163.4.b Configure and verify NAT/PAT
- 3.173.4.c Configure first hop redundancy protocols, such as HSRP and VRRP
- 3.183.4.d Describe multicast protocols, such as PIM and IGMP v2/v3
- 3.194.0 Network Assurance
- 3.204.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog
- 3.214.2 Configure and verify device monitoring using syslog for remote logging
- 3.224.3 Configure and verify NetFlow and Flexible NetFlow
- 3.234.4 Configure and verify SPAN/RSPAN/ERSPAN
- 3.244.5 Configure and verify IPSLA
- 3.254.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management
- 3.264.7 Configure and verify NETCONF and RESTCONF
- 3.275.0 Security
- 3.285.1 Configure and verify device access control
- 3.295.1.a Lines and password protection
- 3.305.1.b Authentication and authorization using AAA
- 3.315.2 Configure and verify infrastructure security features
- 3.325.2.a ACLs
- 3.335.2.b CoPP
- 3.345.3 Describe REST API security
- 3.355.4 Configure and verify wireless security features
- 3.365.4.a EAP
- 3.375.4.b WebAuth
- 3.385.4.c PSK
- 3.395.5 Describe the components of network security design
- 3.405.5.a Threat defense
- 3.415.5.b Endpoint security
- 3.425.5.c Next-generation firewall
- 3.435.5.d TrustSec, MACsec
- 3.445.5.e Network access control with 802.1X, MAB, and WebAuth
- 6.0 Automation7
- 4.06.1 Interpret basic Python components and scripts
- 4.16.2 Construct valid JSON encoded file
- 4.26.3 Describe the high-level principles and benefits of a data modeling language, such as YANG
- 4.36.4 Describe APIs for Cisco DNA Center and vManage
- 4.46.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF
- 4.56.6 Construct EEM applet to automate configuration, troubleshooting, or data collection
- 4.66.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack
